Lucene search
K

7 matches found

NVD
NVD
added 2026/05/26 5:16 p.m.13 views

CVE-2026-44680

MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to @mikro-orm/knex 6.6.14 and @mikro-orm/sql 7.0.14, MikroORM's identifier-quoting helper Platform.quoteIdentifier and the postgres/mssql overrides and its JSON-path emitters...

7.6CVSS0.01252EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.22 views

PT-2026-39290

Summary MikroORM's identifier-quoting helper Platform.quoteIdentifier and the postgres/mssql overrides and its JSON-path emitters Platform.getSearchJsonPropertyKey, quoteJsonKey did not properly escape characters that delimit the SQL identifier or string-literal context they emit into. When...

7.6CVSS6.1AI score0.01252EPSS
Exploits2References8
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/01 4:24 p.m.55 views

Security Bulletin: Denial of Service vulnerability affect IBM Business Automation Workflow Event Emitters - CVE-2023-51074

Summary IBM Business Automation Workflow Event Emitters are vulnerable to a Denial of Service attack. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Criteria.parse method. By sending a speciall...

5.3CVSS5.8AI score0.0067EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/02 10:55 a.m.15 views

Security Bulletin: Denial of service vulnerability affects IBM Business Automation Workflow Event Emitters - CVE-2023-43642

Summary IBM Business Automation Workflow Event Emitters package a copy of snappy with a known vulnerability. Vulnerability Details CVEID:CVE-2023-43642 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by missing upper bound check on chunk length. By sending a specially crafte...

7.5CVSS7.4AI score0.0104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/12 10:44 a.m.111 views

Security Bulletin: Deserialization vulnerability affect IBM Business Automation Workflow BPM Event Emitters - CVE-2022-1471

Summary A vulnerable copy of snakeyaml is packaged with BPMEventEmitters and CaseEventEmitters in IBM Business Automation Workflow. Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an...

9.8CVSS9.4AI score0.99615EPSS
Exploits7Affected Software2
Kitploit
Kitploit
added 2020/01/22 11:30 a.m.83 views

AlertResponder - Automatic Security Alert Response Framework By AWS Serverless Application Model

AlertResponder is a serverless framework for automatic response of security alert. Overview AlertResponder receives an alert that is event of interest from security view point and responses the alert automatically. AlertResponder has 3 parts of automatic response. 1. Inspector investigates entiti...

7AI score
Exploits0References3
The Hacker News
The Hacker News
added 2016/07/01 12:25 a.m.18 views

Apple Patents Technology to remotely disable your iPhone Camera at Concerts

Here's something you'll not like at all: Apple has been awarded a patent for technology that would prevent you from snapping pictures and shooting videos with your iPhone or iPad at places or events, like concerts or museums, where it might be prohibited or inappropriate. The patent, granted on...

6.6AI score
Exploits0
Rows per page
Query Builder